Skip to content

Default service account seems invalid

When setting:

gitlab-runner:
  rbac:
    enabled: true

Then it'll create a service account named {{ include "gitlab-runner.fullname" . }} (see also this code). However the runner themselves will by default keep using the default service account, so they cannot for example access the cluster.

I think that the default value in https://gitlab.com/gitlab-org/charts/gitlab-runner/-/blob/master/templates/_env_vars.tpl#L47 should be adjusted to be:

serviceAccountName: {{ if .Values.runners.serviceAccountName }}{{ default "" .Values.runners.serviceAccountName | quote }}{{ else if .Values.rbac.create }}{{ include "gitlab-runner.fullname" . }}{{ else }}""{{ end }}

Possibly even:

serviceAccountName: {{ if .Values.rbac.create }}{{ include "gitlab-runner.fullname" . }}{{ else }}{{ default "" .Values.runners.serviceAccountName | quote }}{{ end }}
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information